AIX trusted installation
Starting with IBM® AIX® 7.2 with Technology Level 4, the AIX software images are digitally signed. Digitally signed software protects against corrupted artifacts, process breakdowns such as accidentally delivering the wrong item, and any malicious intent.
Prompted installation
Installation and Setting
Either type 0 and press Enter to install with current settings, or type the
number of the setting you want to change and press Enter.
1 System Settings:
Method of Installation.............New and Complete Overwrite
Disk Where You Want to Install.....hdisk2...
2 Primary Language Environment Settings (AFTER Install):
Cultural Convention................English (United States)
Language ..........................English (United States)
Keyboard ..........................en.IS08859-1
Keyboard Type......................Default
3 Security Model.......................Default
4 More Options (Software install options)
5 Select Edition.......................Standard
>>> 0 Install with the current settings listed above.
Security Models
Type the number of your choice and press Enter.
1. Trusted AIX................................................... No
2. Digital Signature Policy...................................... None
3. Other Security Options (Trusted AIX and Standard)
Security options vary based on choices.
LAS, SbD, BAS/CCEVAL
>>> 0 Continue to more software options.
Non-prompted installation
During a non-prompted installation of the software package, you can set the Digital Signature Policy option by updating the SIGN_POLICY field in the bosinst.data file or in the bosinst_data resource for network installation. The /usr/lpp/bosinst/bosinst.template file has information to configure a bosinst.data file for an automated non-prompted installation of the AIX operating system. The description of the control_flow_stanza in the bosinst.data file has information about the SIGN_POLICY field.
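A pre-installation check for the SIGN_POLICY field described above, as an added example that is not IBM code: it reads the control_flow stanza of a bosinst.data file and succeeds only when the policy is high. The function names and the sample file are constructed for illustration; the stanza layout, the accepted values (none, low, medium, high) and the meaning of an unset field are assumptions stated in the comments.

```shell
# Added example, not IBM code. Assumes stanzas start with "name:" in column
# one, fields are "KEY = value", SIGN_POLICY takes none/low/medium/high, and
# an unset field means the default (none).
# Print the control_flow SIGN_POLICY value (lowercased), or "unset".
# Reads the file named in $1, or standard input when no file is given.
sign_policy_of() {
    awk '
        /^[ \t]*#/ { next }                        # ignore comment lines
        /^[A-Za-z_][A-Za-z0-9_]*:[ \t]*$/ {        # stanza header
            in_cf = ($0 ~ /^control_flow:/); next
        }
        in_cf && /^[ \t]*SIGN_POLICY[ \t]*=/ {
            val = $0
            sub(/^[^=]*=[ \t]*/, "", val)          # strip "SIGN_POLICY ="
            sub(/[ \t]+$/, "", val)                # strip trailing blanks
            found = 1
        }
        END { print (found && val != "" ? tolower(val) : "unset") }
    ' "${1:--}"
}

# Exit status 0 only for "high", the one level where a failed check stops
# the installation; 1 for a weaker or missing policy; 2 for unknown values.
check_sign_policy() {
    policy=$(sign_policy_of "$@") || return 2
    case "$policy" in
        high)       echo "OK: SIGN_POLICY=high"; return 0 ;;
        low|medium) echo "WEAK: SIGN_POLICY=$policy, a failed check may not stop the install"; return 1 ;;
        none|unset) echo "OFF: SIGN_POLICY=$policy, signatures are not checked"; return 1 ;;
        *)          echo "INVALID: SIGN_POLICY=$policy"; return 2 ;;
    esac
}

# Constructed sample (not a complete bosinst.data file).
sample_bosinst() {
    cat <<'EOF'
# SIGN_POLICY = high   <- commented out, must be ignored
control_flow:
    CONSOLE = Default
    INSTALL_METHOD = overwrite
    PROMPT = no
    SIGN_POLICY = low

target_disk_data:
    HDISKNAME = hdisk2
EOF
}
sample_bosinst | check_sign_policy || echo "exit status: $?"
```

Run against a real file as check_sign_policy /path/to/bosinst.data, where the path is a placeholder for your own file.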
Using the chsignpolicy command
- none: Indicates that the AIX operating system does not check the signatures of the software packages that are being installed or updated. This value is set by default.
- low: Indicates that the AIX operating system checks the signatures of the software packages that are being installed or updated. If the signature verification fails, the installation process displays a warning message, but the installation continues. A warning message similar to the following displays:
  INFO: Package <full path to package name> failed signature verification.
- medium: Indicates that the AIX operating system checks the signatures of the software packages that are being installed or updated. If the signature verification fails, the installation process prompts you whether you want to continue the installation. You must confirm for each file set that fails signature verification. Otherwise, the software package is not installed successfully. A warning message similar to the following displays:
  WARNING: Package <full path to package name> failed signature verification. Continue? (y/n)
- high: Indicates that the AIX operating system checks the signatures of the software packages that are being installed or updated. If the signature verification fails, the installation of the software fails. The failure message is similar to the following example:
  FAILURE: Package <full path to package name> failed signature verification.